Some Dahua products with Build time before December 2019 have Session ID predictable vulnerabilities. During normal user access, an attacker can use the predicted Session ID to construct a data packet to attack the device.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dahuasecurity sd6al_firmware |
||
dahuasecurity sd5a_firmware |
||
dahuasecurity sd1a_firmware |
||
dahuasecurity ptz1a_firmware |
||
dahuasecurity sd50_firmware |
||
dahuasecurity sd52c_firmware |
||
dahuasecurity ipc-hx5842h_firmware |
||
dahuasecurity ipc-hx7842h_firmware |
||
dahuasecurity ipc-hx2xxx_firmware |
||
dahuasecurity ipc-hxxx5x4x_firmware |
||
dahuasecurity n42b1p_firmware |
||
dahuasecurity n42b2p_firmware |
||
dahuasecurity n42b3p_firmware |
||
dahuasecurity n52a4p_firmware |
||
dahuasecurity n54a4p_firmware |
||
dahuasecurity n52b2p_firmware |
||
dahuasecurity n52b5p_firmware |
||
dahuasecurity n52b3p_firmware |
||
dahuasecurity n54b2p_firmware |
||
dahuasecurity ipc-hdbw1320e-w_firmware |